1. Technical Field of the Invention
The present invention relates generally to processing devices and, more particularly, to confining a security key or keys for authentication to a boundary established by hardware circuitry, in which traffic in and out of the boundary is only through a designated secure interface.
2. Description of Related Art
Secure key mechanisms are utilized to convey encrypted data, so that only those having the proper key or keys are able to authenticate and decrypt the data. Typically, a sender will encrypt the data that is to be transmitted, in which the data, context data, or content key is “wrapped” to prevent unauthorized access. The recipient of the encrypted data utilizes a content key or a key that is unique to the receiving device to “unwrap” and authenticate to obtain access to the decrypted data. The key may be resident within the recipient or sent by the sender, in which case the key that is sent may also be “wrapped” to protect it from unauthorized access. An authorization key may also be transmitted through a hierarchy of devices and installed in the recipient by traversing a chain of trust through those devices. A variety of techniques are known, such as private key/public key exchanges, for transmitting data securely.
As an example, secure data transfer is utilized to perform secure financial transactions over a network, such as the Internet. In a typical secure transaction, data content that contains financial information, such as a credit/debit card information, are encrypted and transmitted to a designated recipient through an unsecure network. The recipient of the secure data utilizes a secure key to decrypt the data to retrieve the financial information.
In another example, a media content provider may transmit multimedia data, such as audio, video, MP-3 data, music, movies, television shows, etc, to a purchaser of such content utilizing a content key to access the data. The content key allows the authorized recipient to utilize the data. In order to access the content key, the recipient's device needs to “unwrap” the content key, typically using a device unique key, to decrypt the data.
In some instances where a recipient receives encrypted data, it may be possible that the sender allows the authorized recipient to decrypt the data by unwrapping the content key, but does not wish for the recipient to know the value of the key. For example, a provider sending a MP-3 download to a recipient wants the recipient to unwrap the content key to play the MP-3 file, but does not want the content key made available, so that the content key may be shared with other devices or users. Unless the content key is segregated from access by unsecure and/or unauthorized sources, components, circuits and/or software, these resources may have the ability to access and retrieve the secure key. Since, many devices use the same processor to process both secure and unsecure data, it is possible for the unsecure resources to access the secure key through a common component or interchange. In the MP-3 example described above, the content provider wants the downloader to unwrap the content key, but not to have the content key revealed.
Therefore, a need exists to provide a more secure key management scheme where a secure key may be unwrapped by a recipient, but the key not be revealed to the recipient and/or unauthorized resources.